Multi-realm Keystone
Registered by
Kevin L. Mitchell
Currently, in order to make use of a given OpenStack service—when Keystone is in use—, a token issued by Keystone must be presented in the request. This falls short of the federation goal, where a customer running an OpenStack instance could issue a request to a contracted service provider also running OpenStack, using their existing authentication tokens. In this proposal, I put forward a mechanism by which this federation can be accomplished, along with a terminology that can help simplify future discussions.
Blueprint information
- Status:
- Complete
- Approver:
- Ziad Sawalha
- Priority:
- Undefined
- Drafter:
- None
- Direction:
- Approved
- Assignee:
- None
- Definition:
- Obsolete
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by
- Joseph Heck
Related branches
Related bugs
Sprints
Whiteboard
(?)